CVE-2024-50134

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50134
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50134.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50134
Downstream
Related
Published
2024-11-05T17:10:58.939Z
Modified
2025-11-26T19:34:10.762183Z
Summary
drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/vboxvideo: Replace fake VLA at end of vbvamousepointer_shape with real VLA

Replace the fake VLA at end of the vbvamousepointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning:

[ 13.319813] memcpy: detected field-spanning write (size 16896) of single field "p->data" at drivers/gpu/drm/vboxvideo/hgsmibase.c:154 (size 4) [ 13.319841] WARNING: CPU: 0 PID: 1105 at drivers/gpu/drm/vboxvideo/hgsmibase.c:154 hgsmiupdatepointershape+0x192/0x1c0 [vboxvideo] [ 13.320038] Call Trace: [ 13.320173] hgsmiupdatepointershape [vboxvideo] [ 13.320184] vboxcursoratomic_update [vboxvideo]

Note as mentioned in the added comment it seems the original length calculation for the allocated and send hgsmi buffer is 4 bytes too large. Changing this is not the goal of this patch, so this behavior is kept.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/9c3874e559580d6c6ec8d449812ac11277724770/cves/2024/50xxx/CVE-2024-50134.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd55d44f408419278c00887bfcb2261d0caae350
Fixed
02c86c5d5ef4bbba17d38859c74872825f536617
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd55d44f408419278c00887bfcb2261d0caae350
Fixed
75f828e944dacaac8870418461d3d48a1ecf2331
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd55d44f408419278c00887bfcb2261d0caae350
Fixed
34a422274b693507025a7db21519865d1862afcb
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd55d44f408419278c00887bfcb2261d0caae350
Fixed
7458a6cdaebb3dc59af8578ee354fae78a154c4a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd55d44f408419278c00887bfcb2261d0caae350
Fixed
9eb32bd23bbcec44bcbef27b7f282b7a7f3d0391
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd55d44f408419278c00887bfcb2261d0caae350
Fixed
fae9dc12c61ce23cf29d09824a741b7b1ff8f01f
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dd55d44f408419278c00887bfcb2261d0caae350
Fixed
d92b90f9a54d9300a6e883258e79f36dab53bfae

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.13.0
Fixed
5.4.285
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.229
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.170
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.115
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.59
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.11.6